package org.apache.cxf.systest.jaxrs.security.oauth2.common;

import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import org.apache.cxf.common.util.Base64Utility;
import org.apache.cxf.rs.security.oauth2.common.Client;
import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
import org.apache.cxf.rs.security.oauth2.grants.code.DefaultEHCacheCodeDataProvider;
import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
import org.apache.cxf.rt.security.crypto.CryptoUtils;

/* loaded from: input_file:org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuthDataProviderImpl.class */
public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
    public OAuthDataProviderImpl(String str) throws Exception {
        Client client = new Client("consumer-id", "this-is-a-secret", true);
        client.setRedirectUris(Collections.singletonList("http://www.blah.apache.org"));
        client.getAllowedGrantTypes().add("authorization_code");
        client.getAllowedGrantTypes().add("refresh_token");
        client.getAllowedGrantTypes().add("implicit");
        client.getAllowedGrantTypes().add("password");
        client.getAllowedGrantTypes().add("client_credentials");
        client.getAllowedGrantTypes().add("urn:ietf:params:oauth:grant-type:saml2-bearer");
        client.getAllowedGrantTypes().add("urn:ietf:params:oauth:grant-type:jwt-bearer");
        client.getRegisteredScopes().add("read_balance");
        client.getRegisteredScopes().add("create_balance");
        client.getRegisteredScopes().add("read_data");
        client.getRegisteredScopes().add("read_book");
        client.getRegisteredScopes().add("create_book");
        client.getRegisteredScopes().add("create_image");
        setClient(client);
        Client client2 = new Client("consumer-id-aud", "this-is-a-secret", true);
        client2.setRedirectUris(Collections.singletonList("http://www.blah.apache.org"));
        client2.getAllowedGrantTypes().add("authorization_code");
        client2.getAllowedGrantTypes().add("refresh_token");
        client2.getRegisteredAudiences().add("https://localhost:" + str + "/secured/bookstore/books");
        client2.getRegisteredAudiences().add("https://127.0.0.1/test");
        setClient(client2);
        Client client3 = new Client("consumer-id-aud2", "this-is-a-secret", true);
        client3.setRedirectUris(Collections.singletonList("http://www.blah.apache.org"));
        client3.getAllowedGrantTypes().add("authorization_code");
        client3.getAllowedGrantTypes().add("refresh_token");
        client3.getRegisteredAudiences().add("https://localhost:" + str + "/securedxyz/bookstore/books");
        setClient(client3);
        Client client4 = new Client("alice", "alice", true);
        client4.getAllowedGrantTypes().add("urn:ietf:params:oauth:grant-type:saml2-bearer");
        client4.getAllowedGrantTypes().add("urn:ietf:params:oauth:grant-type:jwt-bearer");
        client4.getAllowedGrantTypes().add("custom_grant");
        setClient(client4);
        String encode = Base64Utility.encode(loadCert().getEncoded());
        Client client5 = new Client("CN=whateverhost.com,OU=Morpit,O=ApacheTest,L=Syracuse,C=US", (String) null, true, (String) null, (String) null);
        client5.getAllowedGrantTypes().add("custom_grant");
        client5.setApplicationCertificates(Collections.singletonList(encode));
        setClient(client5);
    }

    private Certificate loadCert() throws Exception {
        return CryptoUtils.loadCertificate(getClass().getResourceAsStream("/org/apache/cxf/systest/http/resources/Truststore.jks"), new char[]{'p', 'a', 's', 's', 'w', 'o', 'r', 'd'}, "morpit", (String) null);
    }

    protected boolean isRefreshTokenSupported(List<String> list) {
        return true;
    }

    public List<OAuthPermission> convertScopeToPermissions(Client client, List<String> list) {
        if (list.isEmpty()) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        for (String str : list) {
            if ("read_book".equals(str)) {
                OAuthPermission oAuthPermission = new OAuthPermission("read_book");
                oAuthPermission.setHttpVerbs(Collections.singletonList("GET"));
                ArrayList arrayList2 = new ArrayList();
                arrayList2.add("/secured/bookstore/books/*");
                oAuthPermission.setUris(arrayList2);
                arrayList.add(oAuthPermission);
            } else if ("create_book".equals(str)) {
                OAuthPermission oAuthPermission2 = new OAuthPermission("create_book");
                oAuthPermission2.setHttpVerbs(Collections.singletonList("POST"));
                ArrayList arrayList3 = new ArrayList();
                arrayList3.add("/secured/bookstore/books/*");
                oAuthPermission2.setUris(arrayList3);
                arrayList.add(oAuthPermission2);
            } else if ("create_image".equals(str)) {
                OAuthPermission oAuthPermission3 = new OAuthPermission("create_image");
                oAuthPermission3.setHttpVerbs(Collections.singletonList("POST"));
                ArrayList arrayList4 = new ArrayList();
                arrayList4.add("/secured/bookstore/image/*");
                oAuthPermission3.setUris(arrayList4);
                arrayList.add(oAuthPermission3);
            } else if ("read_balance".equals(str)) {
                OAuthPermission oAuthPermission4 = new OAuthPermission("read_balance");
                oAuthPermission4.setHttpVerbs(Collections.singletonList("GET"));
                ArrayList arrayList5 = new ArrayList();
                arrayList5.add("/partners/balance/*");
                oAuthPermission4.setUris(arrayList5);
                arrayList.add(oAuthPermission4);
            } else if ("create_balance".equals(str)) {
                OAuthPermission oAuthPermission5 = new OAuthPermission("create_balance");
                oAuthPermission5.setHttpVerbs(Collections.singletonList("POST"));
                ArrayList arrayList6 = new ArrayList();
                arrayList6.add("/partners/balance/*");
                oAuthPermission5.setUris(arrayList6);
                arrayList.add(oAuthPermission5);
            } else {
                if (!"read_data".equals(str)) {
                    throw new OAuthServiceException("invalid_scope");
                }
                OAuthPermission oAuthPermission6 = new OAuthPermission("read_data");
                oAuthPermission6.setHttpVerbs(Collections.singletonList("GET"));
                ArrayList arrayList7 = new ArrayList();
                arrayList7.add("/partners/data/*");
                oAuthPermission6.setUris(arrayList7);
                arrayList.add(oAuthPermission6);
            }
        }
        return arrayList;
    }
}
